Previously I covered Setting Up Adobe Connect With SSL where I did a full setup walk-through. To take things one step further, if you wish to also use the Adobe Connect API [at least from ColdFusion] you will need to add one more step.

If you followed my walkthrough and tried to access the API from ColdFusion via HTTPS right now you would get an error from CFHTTP: I/O Exception: peer not authenticated. To fix this you will need to add your certificate authoritie's intermediate certificate to your Adobe Connect's PEM files. The intermediate certificate completes the chain to a trusted root certificate. Without this, CF Fails where a browser would succeed.

For Verisign get your intermediate certificate here: For Verisign certs you will most likely need the "Secure Site Certificate" under "SSL, Code Signing, and OFX".

Now just like step 7.3 in my setup guide, you will need to paste the resulting key to the end of each of your PEM files. Now just restart Adobe Connect Services and ColdFusion's HTTP API interaction will now work as expected.

The correct layout for each of your PEM files shoud now be something like this:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,A410B11121312B8F

vX0m8vo56Ave5B8+ksBEMUw+RXhquf+95oKLbTb94vRuYrn4fRbVPS2soi6E/MyO
NT4NKFhFpM9yPL+hbeNdT5v57xk5YVa8gde1VV15zGtkJZ0jC1c1ifjkYSgm87lE
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIQOBf0eY3gQ07X8lth9y9vgDANBgkqhkiG9w0BAQUFADCB
sDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-----END CERTIFICATE-----
%CA Intermediate Certificate:
-----BEGIN CERTIFICATE-----
MIIEnDCCGRWPAwIBAgIQdTN5mrDhIzuuLX5kRpFi1DANBgkqhkiG9w0BAQUFADBf
MQswCQZDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BTNVBAsT
-----END CERTIFICATE-----
I've obviously shortened my certificates for exibition purposes

Yes again; I'm releasing yet another Mango Blog related item. For my own needs I needed to make some updates to my Code Coloring plugin and after testing the latest version for a day or so I would like to release it to everyone else. I'm very exited about now supporting the style attribute in the code block. While you can add any type of CSS code you want to this block, I was specifically thinking about height and width styles. This will allow you to write lots of code and give it a smaller height so it doesn't take up the entire page.

This is a full walkthrough; I'm writing this due to a few speed bumps that I ran into when installing Adobe Connect 7 Pro with SSL for the first time and due to the number of people that I found who were maybe even more confused than myself. Now that my install is working, the Adobe documentation seems very clear to me and I have no idea why I had issues, so I will attempt to slightly clarify what has already been written as well as add in some extra information and steps to smooth out the bumps. This install process will take you from the very beginning to very end of setup [after initial install].

1. Download OpenSSL from SourceForge (complete package except source)
   • http://gnuwin32.sourceforge.net/packages/openssl.htm
     
     
2. Run [<openssl install path>\bin\openssl.exe]
   • This will open an OpenSSL command prompt
     
     
3. Generate your private keys which will be put into your [<openssl install path>\bin] directory by running
   • genrsa –des3 –out connect.mydomain.com.key.pem 1024
   • genrsa –des3 –out connectmeeting.mydomain.com.key.pem 1024
     
     
4. Generate your certificates signing request which will be put into the same directory as above by running the below commands. If you are running this on windows, you maybe get an "Unable to load config info" error. If you do add the argument [-config "<openssl install path>\share\openssl.cnf"]
   • req –new –key connect.mydomain.com.key.pem –out connect.mydomain.com.csr
   • req –new –key connectmeeting.mydomain.com.key.pem –out connectmeeting.mydomain.com.csr
     
     
5. Fill out the resulting answers from running the commands in step 4, ignoring email address, challenge password and the optional company name. (at the end)
   
   
6. Send your generated PEM files to your Certificate Authority to get your certificates
   
   
7. Copy your PEM keys from step 4 into the root install folder of Adobe Connect
   1. Open them both with your text editor of choice.
   2. Now open the two certificates (.cer files) that you recieved from your certificate authority (from step 6) also with your text editor of choice.
   3. Now paste the contents of each .cer file to the end of it's respected .pem file.
      
8. Your connect.mydomain.com and connectmeeting.mydomain.com DNS entries should already be configured
   • Make sure that you don't have any HOST entries on the server for testing purposes for these 2 entires. I believe this cause an issue for me.
     
     
9. Open [<connect install path>\comserv\win32\conf\_defaultRoot_\Adaptor.xml]. After making a backup, Replace the <SSL>*</SSL> block a little more than half way down with the following and updating the bracketed & bolded text with your own information.
   <SSL>
      <Edge name="applicationserver">
            <SSLServerCtx>
                  <SSLCertificateFile>[<connect install path>\connect.mydomain.com.key.pem]</SSLCertificateFile>
                  <SSLCertificateKeyFile type="PEM">[<connect install path>\connect.mydomain.com.key.pem]</SSLCertificateKeyFile>
                  <SSLPassPhrase>[mypassphrase]</SSLPassPhrase>
                  <SSLCipherSuite>ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH</SSLCipherSuite>
                  <SSLSessionTimeout>5</SSLSessionTimeout>
            </SSLServerCtx>
      </Edge>
      <Edge name="meetingserver">
            <SSLServerCtx>
                  <SSLCertificateFile>[<connect install path>\connectmeeting.mydomain.com.key.pem]</SSLCertificateFile>
                  <SSLCertificateKeyFile type="PEM">[<connect install path>\connectmeeting.mydomain.com.cert.cer]</SSLCertificateKeyFile>
                  <SSLPassPhrase>[mypassphrase]</SSLPassPhrase>
                  <SSLCipherSuite>ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH</SSLCipherSuite>
                  <SSLSessionTimeout>5</SSLSessionTimeout>
            </SSLServerCtx>
      </Edge>
</SSL>
   
   
10. In the same Adaptor.xml file as above, fine the <HostPortList> node. There will most likely only be one uncommented line that will look like:
    <HostPort name="edge1">${DEFAULT_FCS_HOSTPORT}</HostPort>
    Replace this node with the following 2
    <HostPort name="applicationserver" ctl_channel=":19351">[your application server ip]:-443</HostPort>
<HostPort name="meetingserver" ctl_channel=":19350">[your meeting server ip]:-443</HostPort>
    Save and Close the Adapter.xml file
    
    
11. Open [<connect install path>\custom.ini] and add to the end of the file the following code:
    ADMIN_PROTOCOL = https://
SSL_ONLY = yes
HTTPS_PORT = 8443
RTMP_SEQUENCE = rtmps://external-host:443/?rtmp://localhost:8506/
    You will not change ANYTHING in this code block, leave as is.
    Save and Close the custom.ini file
    
    
12. Open [<connect install path>\comserv\win32\conf\_defaultRoot_\_defaultVHost_\VHost.xml]. After making a backup, find the <RouteEntry> node, which should be empty:
    <RouteEntry></RouteEntry>
    And replace it with:
    <RouteEntry protocol="rtmp">*:*;*:${ORIGIN_PORT}</RouteEntry>
    There is no need to make any changes to this entry.
    Save and Close the VHost.xml file
    
    
13. Restart Services: Adobe Connect Enterprise Server & Adobe Connect Meeting Server
    
    
14. Open the Application Management Console
    1. http://localhost:8510/console
       OR
    2. Start» All Programs» Adobe Connect Enterprise Server» Configure Adobe Connect Enterprise Server
       
       
15. Under Server Settings
    1. Change the Connect Pro Host to your: connect.mydomain.com
    2. Change the Host Mappings External Name to: connectmeeting.mydomain.com
       
       
16. Restart Services: Adobe Connect Enterprise Server & Adobe Connect Meeting Server

Your Adobe Connect server should now be responsive and force over anyone who comes in on port 80 over to SSL. Please feel free to add with comments any further suggestions to this install path!

Related Post: Adobe Connect's API From ColdFusion With SSL